If you have a management role group that contains the
permissions you want to grant to users, but you want to apply a
different management scope, or remove or add one or two management
roles without having to add all the other roles manually, you can
copy the existing role group. For more information about role
groups in Microsoft Exchange Server 2010, see Understanding Management
Role Groups.

Use the ECP to copy
a role group

You need to be assigned permissions before you can
perform this procedure. To see what permissions you need, see the
"Role groups" entry in the Role Management
Permissions topic.

Important:

You can't use the Exchange Control Panel (ECP) to copy a role
group if you've used the Exchange Management Shell to configure
multiple management role scopes or exclusive scopes on the role
group. If you've configured multiple scopes or exclusive scopes on
the role group, you must use the Shell procedures later in this
topic to copy the role group. For more information about management
role scopes, see Understanding Management
Role Scopes.

In the EMC, navigate to Toolbox in the console tree.

In the work pane, double-click Role Based Access Control
(RBAC) User Editor to open the user editor in the Exchange
Control Panel (ECP).

Provide credentials in the Domain\user name and
Password fields for an account that has the permissions
needed to open the user editor in the ECP. Click Sign
in.

Click the Administrator Roles tab.

Select the role group you want to copy, and then click
Copy.

In the Name field, enter the name of the new role
group.

In the Description field, provide a short description of
the purpose for the role group.

Select one of the two following Write scope options:

A write scope from the drop-down box. In this box, you can
select either the default write scope or a custom write scope.

Organizational unit Select this option
and provide an organizational unit (OU) if you want to scope this
role group to an OU.

In the Roles section, do the following:

To add one or more management roles to the role group, click
Add and select the roles you want to add. You can select
multiple roles at one time. Then click OK.

To remove one or more roles from the role group, select the
roles you want to remove, and click Remove.

In the Members section, do the following:

To add one or more members to the role group, click Add
and select the mailboxes, role groups or universal security groups
(USGs) you want to add. You can select multiple items at one time.
Then click OK.

To remove one or more members, select the members you want to
remove, and click Remove.

When you're done, click Save to create the new role
group.

Use the Shell to
copy a role group with no scope

You need to be assigned permissions before you can
perform this procedure. To see what permissions you need, see the
"Role groups" entry in the Role Management
Permissions topic.

Store the role group that you want to copy in a variable using
the following syntax:

Copy Code

$RoleGroup = Get-RoleGroup <name of role group to copy>

Create the new role group, and also add members to the role
group and specify who can delegate the new role group to other
users, using the following syntax:

For example, the following commands copy the
Organization Management role group, and name the new role group
"Limited Organization Management". It adds the members Isabelle,
Carter, and Lukas and can be delegated by Jenny and Katie.

For example, the following commands copy the
Organization Management role group and create a new role group
called Vancouver Organization Management with the Vancouver Users
recipient scope and Vancouver Servers configuration scope.

After the new role group is created, you can add or
remove roles, change the scope of role assignments on the role, and
perform other tasks. For more information, see the Other Tasks section later in
this topic.

For example, the following commands copy the Recipient
Management role group and create a new role group called Toronto
Recipient Management that allows management of only users in the
Toronto Users OU.